Security Update 2020-005

[PeterLD]

Some of you have used macOS Recovery to re-install Mojave to a state before Security Update 2020-005, and possibly 004 too.

According to this Apple page: https://support.apple.com/en-gb/guide/mac-help/mchlp1599/mac

It does this:

• Reinstall macOS from the built-in recovery disk on your computer: Press and hold Command-R until the Utilities window appears.
  This option reinstalls the version of macOS stored on your computer’s built-in recovery disk, including any updates that you installed. (my emphasis)

My question is this: Does macOS Recovery forcibly re-install the problem Security Updates? Or are they downloaded after re-installation of to original operating system in the usual way by System Update?

 

[Patrice Brousseau]

1. I too was having crashes with cDock version 3.1.2 - so I tried the latest version, v4.1.5.
Same story, crashes on start up and it takes a lot of tinkering to even get the Dock showing up. In the end, cDock doesn't show any of the themed docks, or any other tweaks. Total waste of money.
Did you get it working and how?
2. Activity Monitor was showing 12GB of RAM (24GB installed in my iMac late 2012) used after the Security Update 005 was installed, now down to 7GB after running Onyx, with the options set to delete all the system, applications, and Font caches, basically everything except the Spotlight index. Starting up with the Shift key held down may be a viable alternative.

Recipe to get cDock working again:

https://forums.macrumors.com/thread...05.2256677/page-2?post=28954499#post-28954499

 

[Patrice Brousseau]

Some of you have used macOS Recovery to re-install Mojave to a state before Security Update 2020-005, and possibly 004 too.

According to this Apple page: https://support.apple.com/en-gb/guide/mac-help/mchlp1599/mac

It does this:

• Reinstall macOS from the built-in recovery disk on your computer: Press and hold Command-R until the Utilities window appears.
  This option reinstalls the version of macOS stored on your computer’s built-in recovery disk, including any updates that you installed. (my emphasis)

My question is this: Does macOS Recovery forcibly re-install the problem Security Updates? Or are they downloaded after re-installation of to original operating system in the usual way by System Update?

I would use the complete Mojave 10.14.6 installer then reinstall Security updates.

 

[PeterLD]

I would use the complete Mojave 10.14.6 installer then reinstall Security updates.

I'm downloading it from the App Store right now. Does Apple update this in the App Store with the Security Updates? I'll check the modification date on the file before using it, but of course it might just be today. 14 minutes remaining...

 

[Patrice Brousseau]

I'm downloading it from the App Store right now. Does Apple update this in the App Store with the Security Updates? I'll check the modification date on the file before using it, but of course it might just be today. 14 minutes remaining...

If I’m correct, the installer date is from September 2019, before 2nd supplemental update and before Security 2019-001.

 

[schmadrian]

2019 21.5" iMac. Installed the SU last night...and frustration rained down on me. Slower than a pig in molasses...hauling an elephant on its back. Am in the process of re-installing Mojave via Recovery mode.

Been using Macs for almost 30 years now, and have so many excellent compliments for the company. I mean, some really stellar customer service. So I guess I'm spoiled...because this situation really pisses me off. Looking forward to having them rectify things.

P.S. Any advice on whether or not to upgrade to Catalina? I'm using it on my other iMac, and there don't seem to be any issues with it.

Used Recovery to reinstall Mojave. Have done nothing else. Things look fine right now. Am going to hold my breath and stand very still for the time being.

 

[PeterLD]

If I’m correct, the installer date is from September 2019, before 2nd supplemental update and before Security 2019-001.

Yes, I inspected the downloaded app carefully:
In the App Store Version History has 1y ago and it is (c) 2019.
In Finder Get Info I see created date 2019-09-19, modified today, (c) 2007-2019.
Looking inside the package: Contents/_CodeSignature/CodeResources created+modified 2019-09-21.
Contents/Info.plist, PkgInfo and version.plist are 2019-09-19. This is the date (and time) Get Info reports.
The software is in *.dmg files in Contents/SharedSupport. They have today's date, but from looking at InstallInfo.plist (2019-09-19) I suspect that is because they were unpacked from OSInstall.mpkg.
This is all encouraging: the installer app looks like the original release of Mojave.

 

[Earl Urley]

My question is this: Does macOS Recovery forcibly re-install the problem Security Updates? Or are they downloaded after re-installation of to original operating system in the usual way by System Update?

Big nope on that. On mine, it brings me back to macOS 10.14.6, build 18G103 every time and it always wants to install Security Update 2020-005 right after that. I suspect Safari 14.0 is encapsulated inside SU 2020-005.

There seems to be some chatter that running Onyx after the SU and clearing / rebuilding all caches, then letting the machine sit for a while brings RAM back to pre-update levels; I'll try that and see how it goes.

I suspect some people may have not had any issues because they let it sit without rebuiliding caches, etc.

 

[Patrice Brousseau]

Well, memory usage is back to 12 gb out of 16 after 2020-005 (even if all prior updates were applied sequentially). And cDock is crashing again...

Now trying Onyx cleanup but I don’t have high hopes!

 

[PeterLD]

Big nope on that. On mine, it brings me back to macOS 10.14.6, build 18G103 every time and it always wants to install Security Update 2020-005 right after that. I suspect Safari 14.0 is encapsulated inside SU 2020-005.

Thanks for that.

When I (regrettably) installed Security Update 2020-005, Safari 14.0 was offered as a separate option in System Update. They also appear as two separate folders in /Library/Updates. In an earlier post I listed the System Report > Software > Installations, and they are separate there too.

 

[Patrice Brousseau]

Ok, a tiny bit better after Onyx cleanup but less than ideal:



With apps opened (Chrome, Firefox, Gimp, Word and iMovie), memory is compressed but still in the green.

However, with such a bad memory management and cDock not working, I'll pass...

 

[Jurgen Kraus]

Same problem after installing security update 2020-05 on Mojave: slow boot and high Ram usage/fans going crazy.

Tried to re-install 10.14 in recovery drive: tells me only 15 GB are available, I need 2-3 GB more.

Checked system in safe mode: same.

Onyx did not make any difference either.

Deleting files [iTunes, iPhoto, Documents folder] pushes that free space into the "purgeable" category: with now 68 GB free space, the recovery volume still only recognizes 15 GB free space.

Result: cannot re-install 10.14.

Called Apple: we tried safe mode etc. Went through two levels of advisors. No fix. Case has been escalated to their engineers.

 

[Hessel89]

Anyone else have the problem that you can't create a new user profile on SU 5?

 

[chromotype]

Not sure if this is related to the high memory usage, or if it is coincidental, but I'm seeing a bucket load of messages in /var/log/system.log that look like:

Finder[411]: objc[411]: Class asn1IntegerToken is implemented in both /System/Library/PrivateFrameworks/StoreServices.framework/Versions/A/StoreServices (0x7fffb37156a0) and /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Frameworks/CommerceCore.framework/Versions/A/CommerceCore (0x11ad9cf70). One of the two will be used. Which one is undefined

The reporting process (in this case, it's Finder), errant class and library name vary in the messages, but they all claim that some objective-C class is implemented twice. That last part "One of the two will be used. Which one is undefined" looks rather scary and would be consistent with bad libraries being shipped with the system update.

The messages started being reported in system.log immediately after the update. I've also seem a couple of other people reporting seeing the same log messages after Mojave 2020-005 on Twitter, and in Apple's discussion forum.

 

[Earl Urley]

So, applied SU-005 and am now letting it sit while checking Activity Monitor every so often.

I don't ever remember WindowServer taking up 385 MB with nothing but the the Finder open..

For what it's worth, Activity Monitor is currently reporting these values:

Physical Memory: 16.00 GB App Memory: 6.64 GB
Memory Used: 9.87 GB > Wired Memory: 1.93 GB
Cached Files: 3.64 GB Compressed: 1.36 GB
Swap Used: 0 bytes

Sure would love to know what processes are responsible for gobbling up almost 10 GB of RAM.

 

[Patrice Brousseau]

Not sure if this is related to the high memory usage, or if it is coincidental, but I'm seeing a bucket load of messages in /var/log/system.log that look like:

Finder[411]: objc[411]: Class asn1IntegerToken is implemented in both /System/Library/PrivateFrameworks/StoreServices.framework/Versions/A/StoreServices (0x7fffb37156a0) and /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Frameworks/CommerceCore.framework/Versions/A/CommerceCore (0x11ad9cf70). One of the two will be used. Which one is undefined

The reporting process (in this case, it's Finder), errant class and library name vary in the messages, but they all claim that some objective-C class is implemented twice. That last part "One of the two will be used. Which one is undefined" looks rather scary and would be consistent with bad libraries being shipped with the system update.

The messages started being reported in system.log immediately after the update. I've also seem a couple of other people reporting seeing the same log messages after Mojave 2020-005 on Twitter, and in Apple's discussion forum.

Saw this too in verbose...

Back to working 2020-004 system...

 

[Allyance]

I too spent hours trying to fix the problem from the last update. Read the comments here and re-installed Mojave then turned off Automatic updates. Thanks guys, that did the trick. What a pain in the ass.

 

[pmiles]

After installing security update...

WindowServer memory usage ballooned to 395MBs... after restoring Mojave from recovery mode... WindowsServer memory usage is back to it's normal 59.9MBs.

It literally eats up all your memory... and turns your machine into a slug.

 

[Earl Urley]

Forgot to mention, ran Onyx's maintenance routines to clear caches before I rebooted and let it sit. After 3 hours, RAM is the same. Am going to run Onyx, clear the default caches, reboot, login, and let it sit overnight.

 

[Elf7]

Just registered to post that everything is ok now after re-install.
(Late 2012 i7 mini, 8GB of RAM, Mojave)
I don't know if i should install Safari 14 cause i'm not sure if it was SU only.
Any thoughts?

Cheers!

 

[Earl Urley]

I think it's safe to do -only- Safari 14, as I had updated it to 14 right before SU 2020-005 and didn't see the bullcrap readings in RAM with just that installed.

Seeing a lot of people on Twitter also complaining about Mojave SU 2020-005.

Booting into Safe Mode slightly reduces the mystery memory gouge, but it's still there; 8.98 GB of RAM mysteriously being used instead of 11.57. Windowserver went down to 126 MB of RAM, though.

If Apple releases a fix, it should be as Mojave Software Update 2020-006. If they issue a fix and call it Supplemental Update to Security Update Mojave 2020-005 someone at Apple deserves to get bitch slapped.

 

[Elf7]

I think it's safe to do -only- Safari 14, as I had updated it to 14 right before SU 2020-005 and didn't see the bullcrap readings in RAM with just that installed.

Thanks! 👍

 

[carylee2002]

Feels like Apple is putting their big brother hand on top of your rigs to keep in you check. I turned off my updates in my rig and about to go off the grid so they won't try to sneak it in like they do with IOS updates.

 

[Colstan]

I can echo the experience everyone in this thread has dealt with. My base model 2018 8GB Mac mini also suffered from the slow boot times, excessive memory usage, as well as immediate compressed memory and swap file. None of these were issues before the 2020-005 security update. I ended up restoring from Time Machine, and sure enough, all of these issues were gone.

One thing I might add, and this is entirely speculation on my part, so keep that in mind. I speculate that these issues we are experiencing with Mojave and recent security updates is due to limited resources and manpower within Apple. Sure, they have plenty of money, but all the money in the world isn't going to magically create skilled operating system programmers. They seem to very much want us Mac users to update to the latest version of macOS. I've noted that a few customers that have called Apple support about similar problems are told that they have to update to Catalina before they can help them.

Also, keep in mind that it's crunch time with Big Sur. It's a massive update that doesn't just overhaul the OS, but also has to support both Intel and Apple Silicon. We aren't seeing the challenges of doing that publicly. Again, this is speculation, but it seems that has left a skeleton crew to push security patches to older versions of macOS. If that is the case, Apple may just be slapping them together while doing little or no testing, and consider it a "courtesy" for users who still stick with an older version of macOS. It may explain why there have been so many issues revolving around security updates this year.

Anyway, if that is the case, then we should all be wary of future security updates to Mojave, and even Catalina, since it's being replaced with Big Sur.

Colstan

 

[Colstan]

My speculation from above aside, here are some links that may provide more information for those experiencing this issue.

First, Mr. Macintosh has done an excellent writeup on this issue and is recommeding that users do not install security update 2020-005. He provides a very detailed analysis and how to reverse the changes made by the update.

Mr. Macintosh Article

As noted in said article, Apple Support has officially responded, and as I speculated above, they are entirely unhelpful.

Apple's Support Response

Yes, they are telling you to update to Catalina and very helpfully giving you instructions on how to do this. I'd like to give Apple Support instructions on how to go pound sand, but I doubt that would be productive.

Colstan